SSESpecification defines the encryption configurations of a data table.
Data structure
message SSESpecification {
required bool enable = 1;
optional SSEKeyType key_type = 2;
optional bytes key_id = 3; // only useful when key_type is SSE_BYOK
optional bytes role_arn = 4; // only useful when key_type is SSE_BYOK
}Parameter | Type | Required | Description |
enable | bool | Yes | Specifies whether to enable data encryption. By default, data encryption is not enabled. If you want to encrypt the data in the table, you must enable the data encryption feature. |
key_type | No | The encryption type. Two types are supported: customer master key (CMK) managed by Key Management Service (KMS) and Bring-Your-Own-Key (BYOK)-based key. | |
key_id | bytes | No | The ID of the key. This parameter is required when you select BYOK-based key as the encryption type. |
role_arn | bytes | No | The Alibaba Cloud Resource Name (ARN) of the Resource Access Management (RAM) role. This parameter is required when you select BYOK-based key as the encryption type. |